Skip to main content
caution

BitNinja for Windows development is currently on pause and we don't have ETA when future release is expected. Support is limited to the available features.

Please treat it as an early alpha product for testing.

Intro

Files

The agent is installed to C:\Program Files\BitNinja (Program Files (x86) on 32-bit systems). Under this folder there is only a single executable which is the agent itself and a config folder with a config file in it. This config should not be modified. Also, the agent should not be started manually via the executable, it is done by a service.

There are also other folders related to BitNinja:

  • C:\ProgramData\BitNinja\BitNinjaConfig

    • Currently, this folder contains a single JSON file which holds the license information related to the server.

  • C:\ProgramData\BitNinja\BitNinjaLib

    • This folder is a working directory and contains temporary files. There is no need to do anything with them.

The above folders should not be deleted.

Logs

The Windows agent has a single log file at C:\ProgramData\BitNinja\main.log.

Features

The first version of BitNinja for Windows implements the IP Reputation feature which works just like its Linux counterpart with a few limitations.

The Windows version supports the following lists:

  • Block list
  • Allow list
  • Challenge list (over HTTP only - We do block on HTTPS but no Captcha is present)
  • AntiMalware (new)

For IP addresses on the Challenge list, we display the same Captcha page as with the Linux version. After the visitor solves the Captcha, they will see a page which says “Reloading” for a brief period (2-5 seconds at most) because delisting takes more time on Windows.

When the Windows agent starts, these lists and their rules are immediately applied.

Current limitations

  • Any setting applied to a Windows server through the dashboard other than IP delisting (or adding an IP to a list) will not be applied to the agent.
  • Currently, the Windows agent can not be invoked through the CLI.
    • This means that any list manipulation (such as adding an IP to the white list) must be done via the Dashboard.
  • The loading of the IPs is single-threaded, resulting in varying load times and generated load depending on the single-core performance of the CPU.
  • As we are reconstructing the HTTP packages, running the service may result in slightly increased latency (depending on the single-core performance of the CPU).
  • BitNinja for Windows installs 2 services on the server:
    • BitNinja Service: Can be started/stopped/restarted if needed but wait a couple of minutes before stopping after it is started.
    • BnipfService: It is not recommended to stop or restart this manually as that might cause issues.
  • The Captcha will only be displayed through HTTP (port 80). Challenge listed IP addresses connecting through HTTPS (port 443) will be just blocked.
  • IPv6 is not supported.
  • Country blocking and IP ranges on any of our lists in general are not supported.
  • The challenge and block lists do not work with sites behind proxies (e.g. CloudFlare).
  • This version has no auto-update support, this will be supported in later releases.
  • Resolving a captcha might take a few seconds before the IP is removed from the Challenge list.